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PATENTS 



IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 



Art Unit: Z134 
Confirmation No. 5130 
Examiner: Andrew Nalven 



In re Application of: 

Sterling Michael Pearson 

Serial No. 09/469,586 

Piled: December 22, 1999 

For: Method and System far Remotely 
Configuring and Monitoring a 
Communication Device 



REQUEST FOR AN INITIALED COPY OF THE PTO-1449 FORMS 
FILED WITH THE INFORMATION DISCLOSURE STATEMENTS 
OF MARCH 22, 2QQ0 and DECEMBER 3, 2004 



RECEIVED 
CENTRAL *X CENTER 

MAR 1 g 2005 



March 16, 2005 



Commissioner for Patents 
Mail Stop Box Issue Fee 
Alexandria, VA 22313-1450 

Sir; 



The Applicant respectfully requests the Examiner to consider and initial the attached 
PTO-1449 forms that were previously filed with the Information Disclosure Statements (IDS's) 
prior to the Notice of Allowance of March 3, 2005. The Applicant has not received a copy of the 
PTO-1449 forms that bears the Examinees initials. 

For the Examiner's convenience, the undersigned has attached a copy of each IDS with 
the PTO-1449 forms that were not properly initialed by the Examiner. These documents were 
filed on March 22, 2000 and December 3, 2004. The Applicant has also provided a post card 
receipt for each IDS submission that evidences the receipt of these documents by the U.S. Patent 
and Trademark Office. 

Consideration and return of the initialed copy of the attached PTO-1449 forms is 
respectfully requested. The Examiner is requested to return the initialed copy of the attached 



I hereby certify that this correspondence is being facsimile transmitted to: Commissioner for Patents, 
Mail Stop Issue Fee, P. O. Box 1450, Alexandria, VA 22313-1450, GAU 2134, Attn: Examiner Andrew 
L. Nalven, Facsimile No. (703) 872-9306 jfn March 16, 2005. 



Sieved. Wicmore, Ree. No. 40.447 
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Serial No. 09/469,586 



PTO-1449 forms via facsimile to the undersigned. The undersigned's facsimile number is 404- 



If there are any other issues remaining in this application that may be resolved by a 
telephone conference,' the Examiner is invited to contact the undersigned at the following number 
in the Atlanta Metropolitan Area: 404-572-2884. 



King & Spalding LLP 
191 Peachtree Street 
Atlanta, Georgia 30303 
404.572.4600 

K&S Docket: 07609.105002 



572-5145. 



Respectfully submitted, 



Steven^. Wigmore 
Reg.>No. 40,447 
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copy 



/ 



Please stamp with date of receipt & return to addressee: 



Applicant: 
Serial No/. 
Filing Dale: 
Title: 



Sterling Michael Pearson 

09/469>5S6 

22 December 1999 

Method and System for Remotely 

Configuring and Monitoring a . 

Communication Device 



Papers Submitted: Information Disclosure Suuemeni; 

List of Information Disclosed By Applicant; 



Attorney: 
Date Mailed: 
Docket: 



postcard 

DL/'SLP/rb 
Marok 22, 2000 

19433-0100 




/ 



RECEIVED 

APR 0 3 2000 

JONES & ASKEW 



COPY 
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Patents 

IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 

In re Application of: 

Sterling Michael Pearson 

Serial No. 09/469,586 

Rled: December 22, 1999 

For: Method and System for Remotely 
Configuring and Monitoring a 
Communication Device 

INFORMATION DISCLOSURE STATEMENT 



Ait Unit: 
Examiner. 



Assistant Commissioner for Patents 
Washington, DC 20231 



Sir: 



The citation of information on the attached Form PTO-1449, "List of Art Cited by Applicant" 
is made pursuant to 37 Ci\R. §§ L56 T 1.97, and 1.98. A copy of each cited item is enclosed. 

The citation of this information does not constitute an admission of priority or that any cited 
item is available as a reference, or a waiver of any right the applicant may have under applicable statutes, Rules 
of Practice in patent cases, or otherwise. 

Respectfully submitted, 



Dale Lischer 
Reg. No. 28,438 

JONES & ASKEW, LLP 
2400 Monarch Tower 
3424 Peachtree Road, NIL 
Adanta, Georgia 30326 



Atlanta, ureorgm oujzo 

(404) 949-2400 W\ ft D V 

Our Docket: 19433-0100 W W ■ ■ 



I hereby certify that this correspondence is being deposited with the United States Postal 
Service as first class mail in an envelope addressed to: Assistant Commissioner for Patents. 
Washington, DC 20231, on March 22, 2000. 



^ale I^her - Reg. No. 28.4: 
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PATENTS 



IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 



In re Application of: 

Sterling Michael Pearson 
09/469,586 
December 22, 1999 



Serial No.: 
Filing Date: 
Title: 



Method and System for Remotely 
Configuring and Monitoring a 
Communication Device 



SUPPLEMENTAL INFORMATION DISCLOSURE STATEMENT 



Ait Unit 2134 

Examiner: Andrew L- Nalven 
Confirmation No.: 5130 



Mail Stop ROE December 3, 2004 

Commissioner for Patents 
P.O.Box 1450 
Alexandria, VA 22313-1450 

Sir: 

Applicant cites the information on the attached Form PTO-1449, "List of Information 
Disclosed by Applicant," pursuant to 37 CF.R. §§ 1,56, 1.97, and 1.98. Applicant has enclosed a copy 
of each cited item. 

The citation of this information does not constitute an admission of priority or that any 
cited item is available as a reference, or a waiver of any right the applicant may have under applicable 
statutes, Rules of Practice in patent cases, or otherwise. 

Respectfully submitted, 




King & Spalding LLP 

45 th Floor, 191 Peachtree Street, N.E. 

Atlanta, GA 30303 

404.572.4600 

K&S Docket: 07609.105002 
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addressed to: Commissioner for Patents, Mail Stop RCE, P.O.Box 1450, Alexandria, VA 22313-14S0, on December 3, 2004. 
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PATENTS 



IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 



In re Application of: 



Sterling Michael Pearson 



Art Unit: 2134 



Serial No. 09/469,586 



Confirmation No. 5130 



Filed: December 22, 1999 



Examiner: Andrew Nalven 



For: Method and System for Remotely 
Configuring and Monitoring a 
Communication Device 



COMMENTS ON STATEMENT OF REASONS 
FOR ALLOWANCE FILED PURSUANT TO 37 CFR § 1.104(e) and MPEP § 1302.14 



Pursuant to 37 C.FJL § 1.104(e), the Applicant is submitting the following comments 
which axe requested to be made part of the Official file history for this patent application: 



The Applicant respectfully submits that the Examiner's Reasons for Allowance that were 
attached to the Notice of Allowance mailed on March 3, 2005 DO NOT PROVIDE information 
that is equivalent to the information contained in the application file in which the Examiner's 
Office actions and the Applicants' replies make evident the Examiner's reasons for allowing the 
claims. 

1 hereby certify that this correspondence is being facsimile transmitted to: Commissioner for Patents, 
Mail Stop Issue Fee, P. O. Box 1450, Alexandria, VA 22313-1450, GAU 2134, Attn: Examiner Andrew 
L. Nalven, Facsimile No. (703) 872-^306 March 16, 2005. 
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Serial No, 09/469,586 



The Applicant repeats the Examiner's reasons for allowance as follows for discussion 
purposes: 

"The present invention teaches a method for remotely monitoring 
each of a plurality of network intrusion protection devices with a 
remote monitoring center. Each independent claim identifies the 
distinct feature of having each network intrusion device of a 
plurality of network intrusion devices operative to make the 
deterarination that the communication represents a security risk 
independently after being configured and without control from the 
remote monitoring center. The closest prior act, Proctor et al US 
Patent No. 6,530,024 teaches a host based security policy [sic] 
system. The cited prior art fails to teach each network intrusion 
device of a plurality of network intrusion devices operative to 
make the determination that the communication represents a 
security risk independently after being configured and without 
control from the remote monitoring center and thus fails to 
anticipate or render the above limitations obvious (see Applicants 
Arguments submitted 01/31/05 Pages 16-17). Thus, the cited prior 
art fails to anticipate or render obvious the above-cited claims. . 

The Examiner's reasons for allowance do not address the differences in claim scope 
between independent Claims 41, 47, and 67. One basis why the Examiner's reasons do not 
address the differences between independent Claims 41, 47, and 67 is that the Examiner's 
reasons fail to mention that Claims 41 and 47 are method claims while Claim 67 is a system or 
apparatus claims. Another basis why the Examiner's reasons do not address the differences 
between independent Claims 41, 47, and 67 is that the reasons fail to acknowledge that there are 
other elements in each of the independent claims that when considered as whole make each 
independent claimed invention allowable over the prior art of record. 

To assist in understanding the differences in scope between these independent claims, the 
Applicants have provided a copy of the independent Claims below. 
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41, A method for remotely monitoring each of a 
plurality of network intrusion protection devices with a remote 
monitoring center under control by a service provider servicing the 
intrusion protection requirements of a plurality of customers 
comprising the steps of: 

receiving at the remote monitoring center a first 
transmission comprising a first identification number and a 
network address associated with one of a plurality of network 
intrusion prevention devices monitored by the remote monitoring 
center which operates at a location other than a site of any one of 
the customers, each network intrusion prevention device positioned 
in-line and between a computer network controlled by one of the 
customers and a distributed computer network that i$ not 
controlled by the customers, each network intrusion prevention 
device operative to block a communication from passing to the 
corresponding computer network via the distributed computer 
network by terminating the communication based on a 
determination that the communication represents a security risk to 
at least one of the computers coupled to the computer network, 
each network intrusion prevention device operative to make the 
determination that the communication represents a security risk 
independently after being configured and without control from the 
remote monitoring center, each network intrusion prevention 
device comprising a firewall, an intrusion detector, and a remote 
monitoring controller communication module, wherein the remote 
monitoring controller communication module is operatively 
coupled to the remote monitoring center; 

storing the identification number and network address for 
the network intrusion prevention device in a database at the remote 
monitoring center; 

receiving at the remote monitoring center a second 
identification number dining a second transmission from the 
network intrusion prevention device; 

comparing the second identification number with the first 
identification number at the remote monitoring center and, in 
response to a match between the first identification number and 
second identification number, identifying a plurality of security 
policy options that are selectable by the network intrusion 
prevention device; 

generating a configuration file with the remote monitoring 
center in response to selection of at least one of the security policy 
options by the network intrusion prevention device, the 
configuration file governing the intrusion protection operation for 
the network intrusion prevention device; 
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transmitting the configuration file from the remote 
monitoring center to configure the network intrusion prevention 
device; 

monitoring the network intrusion prevention device by the 
remote monitoring center for issuance of an alert signal issued by 
the network intrusion prevention device in response to a 
determination that the communication represents a security risk to 
at least one of the computers coupled to the computer network; 

receiving the alert signal at the remote monitoring center; 

and 

assigning the alert signal an order and taking responsive 
action at the remote monitoring center based upon the assigned 
order. 
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47. A method for remotely monitoring a plurality of 
network intrusion prevention devices based on operations of a 
remote monitoring center managed by a service provider, 
comprising the steps of: 

presenting security policy options with the remote 
monitoring center, the security policy options selectable by each of 
the network intrusion prevention devices, each network intrusion 
prevention communication device positioned in-line and between a 
computer network under control of one of a plurality of customers 
and a distributed computer network that is not under control of the 
customers; 

generating a configuration file with the remote monitoring 
center in response to selection of the security policy options by 
each of the network intrusion prevention devices; 

transmitting the configuration file from the remote 
monitoring center to configure the network intrusion prevention 
devices, each network intrusion prevention device operative to 
process a communication carried by the distributed computer 
network and intended for delivery to a computer coupled to a 
corresponding one of the computer networks to determine whether 
the communication represents a security risk to the computer 
network in accordance with the configuration file, each network 
intrusion prevention device operative to determine whether the 
communication represents a security risk independently after being 
configured and without control from the remote monitoring center, 
the network intrusion prevention device further operative to issue 
an alert signal and to terminate the communication in response to a 
determination that the communication represents a security risk, 
each network intrusion prevention device comprising a firewall, an 
intrusion detector, and a remote monitoring controller 
communication module, the remote monitoring controller 
communication module coupled to the remote monitoring center; 

monitoring the network intrusion prevention devices with 
the remote monitoring center to detect an issuance of the alert 
signal from one of the network intrusion prevention devices; 

receiving the alert signal with the remote monitoring 
center, and 

forwarding the alert signal to a remote agent associated 
with the service provider, wherein the alert signal provides an 
advisory of the security risk faced by the network intrusion 
prevention device that issued the alert signal. 
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61. A system for remotely monitoring the security 
status of a plurality of computer networks, each computer network 
associated with one of a plurality of entities, comprising: 

a plurality of network intrusion prevention devices, each 
network intrusion prevention device coupled in-line and between 
one of the computer networks associated with a particular one of 
the entities and a distributed computer network that is not 
associated with any of the entities, 

wherein each network intrusion prevention device is 
operative to process a communication carried by the distributed 
computer network and intended for delivery to a computer coupled 
to the corresponding computer network to determine whether the 
communication represents a security risk to the computer network, 
and 

wherein each network intrusion prevention device is 
further operative to block the communication from passage to the 
computer network by terminating the communication and to 
transmit an alert signal via the distributed computer network in 
response to a determination by the network intrusion prevention 
device that the communication represents a security risk, each 
network intrusion prevention device operative to make the 
determination that the communication represents a security risk 
independently after being configured and without control of a 
remote monitoring center, each network intrusion prevention 
device comprising a firewall, an intrusion detector, and a remote 
monitoring controller communication module, the remote 
monitoring controller communication module coupled to the 
remote monitoring center; and 

the remote monitoring center operated on behalf of the 
entities by a service provider, the remote monitoring center 
coupled to the distributed computer network, remotely located 
from each of the computer networks, and operative to monitor the 
security status of each one of the plurality of computer networks 
based upon status information transmitted by the network intrusion 
prevention devices for the computer networks, the remote 
monitoring center responsive to receipt of the alert signal 
transmitted by any one of the network intrusion prevention devices 
to complete an analysis of the alert signal and to take a responsive 
action based on the analysis of the alert signal. 

The Applicants are submitting these comments so that if the claims listed above are ever 
litigated, it will be understood that the independent claims of this application have varying 
degrees of scope. As a non-limiting example that the independent claims of this patent 
application have varying degrees of scope (and with it being understood that there are several 
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other differences between the independent claims of this patent application that are not discussed 
in these comments), independent Claim 41 describes an element of .receiving at the remote 
monitoring center a first transmission comprising a first identification number and a network 
address associated with one of a plurality of network intrusion prevention devices. . . However, 
independent Claims 47 and 61 do not recite this element 

As another non-limiting example, independent Claim 61 describes a system that 
comprises a remote monitoring center that is responsive to receipt of an alert signal that is 
transmitted by one of the network intrusion prevention devices to complete an analysis of the 
alert signal and to take a responsive action on the analysis of the alert signal. Meanwhile, 
independent Claim 41 describes a method with a steps for receiving the alert signal at the remote 
monitoring center and assigning the alert signal an order and taking responsive action at the 
remote monitoring center based upon the assigned oider. And independent Claim 47 describes a 
method with a step for forwarding the alert signal to a remote agent associated with the service 
provider, wherein the alert signal provides an advisory of the security risk faced by the network 
intnision prevention device that issued the alert signal 



In light of the differences noted above between the three independent claims, it is clear 
that the Examiner's Reasons for Allowance that were attached to the Notice of Allowance mailed 
on March 3, 2005 DO NOT PROVIDE information that is equivalent to the information 
contained in the application file in which the Examiner's Office actions and the Applicants* 
replies make evident the Examiner's reasons for allowing the claims. These comments make it 
apparent that each allowed independent claim has a unique combination of elements that is 
patentable over the prior art of record. 
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